Research And Application Of Access Control Model In Invoicing System

Invoicing system is an information management system software, which are used to manage the production and sales process, such as receiving orders, purchasing and storing materials, storing products, wholesaling products, payment and settlement, and so on. An reasonable designed invoicing system software can provide data in each process of production and sales to the user timely and accurately. So invoicing system can help the enterprises solve these problems that business management, distribution management, inventory management, marketing plan’s implement and monitoring, collecting statistical information and so on. In addition, the use of invoicing system software solved the malpractice in the traditional manual management, that huge consumption but low productivity.For an information management system, access control mechanism is the key link to ensure the security of system. Its core function shall include, preventing the illegal users from accessing or harming the system resources, allowing legitimate users to access the protected system resources and preventing legitimate users from accessing the protected system resources in an illegal way. In the invoicing system resources, there are a lot of system menus, each menu represents a function form and each form contains a lot of controls, these controls also need to be managed, so each menu contains a lot of sub menus, in addition, the operation process of invoicing system will generate a lot of documents, which has a life cycle, and access control is required to make sure these menus and documents can only be used by legitimate users.In recent years, these access control model are widely used by enterprises, the role-based access control model and the task-based access control model and their combination and extend forms, they played a very good role in previous applications, but with the function of information management system more perfect and rich, the number of users and resources becoming larger, and taking the diversification of customer demand into account, the existing privilege management models show these defects that the method to grant authorization is not flexible enough, the join difficulty of the access control between different grain size and ignored the authority transfer problem.Therefore, based on the research of our echelon, combined with the actual demands of enterprises and learn from the thought of RBAC、TBAC and T-RBAC, this paper present a new model M-TRBAC. In view of the above problems, Firstly, according to the organization structure, resources and operations of an enterprise abstracted the users, the posts, the roles and the permissions, then according to the granularity of access control divided the access control into two categories, coarse granularity access control and fine granularity access control, finally combining with various control granularity, authorization methods and algorithms designed an new access control model that support static and dynamic authorization for different grain size. We apply this model to the invoicing system of cooperative enterprise, and this model greatly reduces the complexity of authorization and well meet the demands of enterprise, so it obtained the comment by the user.